File Search: 

ThreatExpert's awareness of the file "sdra64.exe":

Across all ThreatExpert reports, the file "sdra64.exe" was mostly identified as a threat.
File "sdra64.exe" has the following statistics:
Total number of reports analysed611,932
Number of cases that involved the file "sdra64.exe"2,928
Number of incidents when this file was found to be a threat2,254
Statistical volume of cases when "sdra64.exe" was a threat77%
Please enable javascript to display the chart.
Notes:
  • Please note that the name of the file should NOT be used to define if it is legitimate or not. Such determination can only be made by observing its dynamic behaviour.
  • In order to check a file, please submit it to ThreatExpert.
  • For a comprehensive pro-active protection against threats, please consider ThreatFire - our behavioral antivirus solution.
The file "sdra64.exe" is known to be created under the following filenames:
%System%\sdra64.exe
%Temp%\17301.exe
%Temp%\18396.exe
%Temp%\18467.exe
%Temp%\19912.exe
%Temp%\20545.exe
%Temp%\22104.exe
%Temp%\6334.exe
%Temp%\8140.exe
%Temp%\directwin.exe
%Temp%\sdra64.exe
%Temp%\system.exe
%Temp%\temp.exe
%Windir%\temp\rdl1.tmp.exe
c:\palma.exe
Notes:
  • %System% is a variable that refers to the System folder. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
  • %Temp% is a variable that refers to the temporary folder in the short path form. By default, this is C:\Documents and Settings\[UserName]\Local Settings\Temp\ (Windows NT/2000/XP).
  • %Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.

The file "sdra64.exe" has the following possible countries of origin:
OriginNumber of Incidents
Russian Federation156
China8
Italy7
Finland6
Taiwan1
United Kingdom1

The following threats are known to be associated with the file "sdra64.exe":
Threat AliasNumber of Incidents
Trojan-Spy.Win32.Zbot.gen [Kaspersky Lab]1,104
PWS:Win32/Zbot.gen!R [Microsoft]714
Trojan.Zbot [PC Tools]486
Mal/Generic-A [Sophos]439
Mal/Zbot-O [Sophos]401
Trojan.Zbot!gen3 [Symantec]358
Mal/EncPk-LE [Sophos]340
Packed.Generic.232 [Symantec]338
Trojan-Spy.Win32.Zbot [Ikarus]298
Trojan.FakeAV [Symantec]289
Trojan.FakeAV [PC Tools]288
Trojan-Spy.Win32.Zbot.aduq [Kaspersky Lab]288
Infostealer.Banker.C [Symantec]238
Spy-Agent.bw.gen.e [McAfee]196
PWS:Win32/Zbot.PG [Microsoft]182
HeurEngine.MaliciousPacker [PC Tools]176
Trojan.Zbot!gen2 [Symantec]150
Trojan Horse [Symantec]135
PWS:Win32/Zbot.gen!W [Microsoft]123
Generic PWS.y!bni [McAfee]110
Win-Trojan/Zbot.139776.B [AhnLab]110
PWS:Win32/Zbot.J [Microsoft]97
Win32/IRCBot.worm.variant [AhnLab]89
TSPY_ZBOT.SMJB [Trend Micro]81
PWS:Win32/Zbot [Microsoft]69
PWS-Zbot.gen.x [McAfee]62
Trojan-PSW.Banker [PC Tools]62
PWS:Win32/Zbot.M [Microsoft]60
Trojan.Generic [PC Tools]58
Infostealer [Symantec]51
Mal/Behav-353, Mal/EncPk-LE [Sophos]50
Packed.Win32.Krap.ae [Kaspersky Lab]50
Trojan.Zbot [Symantec]46
Packed.Win32.Krap [Ikarus]43
Spy-Agent.bw.gen.d [McAfee]41
Mal/Zbot-I [Sophos]39
Packed.Win32.Krap.w [Kaspersky Lab]38
PWS:Win32/Zbot.I [Microsoft]37
Mal/EncPk-CZ [Sophos]35
Mal/Zbot-O, Mal/EncPk-CZ [Sophos]34
PWS.Win32 [Ikarus]32
Downloader.Delphi [Ikarus]28
Mal/EncPk-LE, Mal/Behav-353 [Sophos]28
Trojan:Win32/Meredrop [Microsoft]28
Infostealer.Bancos [Symantec]27
Suspicious.MH690 [Symantec]27
Trojan.Win32.Regrun [Ikarus]27
PWS-Zbot [McAfee]23
Packed.Generic.233 [Symantec]22
VirTool:Win32/VBInject.gen!CE [Microsoft]22
PWS:Win32/Zbot.PJ [Microsoft]21
PWS:Win32/Zbot.RS [Microsoft]21
Spy-Agent.eh [McAfee]21
Troj/Zbot-DX [Sophos]21
BackDoor-DKI.gen.bf [McAfee]20
Mal/Zbot-P [Sophos]20
Mal/EncPk-KI [Sophos]19
Generic PWS.y!brd [McAfee]18
Trojan-Banker.Win32.Bancos [Ikarus]18
Generic PWS.cf [McAfee]17
Mal/EncPk-HZ [Sophos]16
PWS:Win32/Zbot.PI [Microsoft]16
Trojan.Win32.FakeXPA [Ikarus]16
Trojan.Win32.Scar.ayhb [Kaspersky Lab]16
W32/Sdbot.worm.gen.ax [McAfee]16
Mal/Behav-353 [Sophos]15
Mal/EncPk-IF [Sophos]15
Mal/FakeAV-AX [Sophos]15
Troj/Zbot-HJ [Sophos]15
Backdoor.Trojan [Symantec]14
Mal/WaledPak-A [Sophos]14
Trojan-PSW.Bancos [PC Tools]14
Trojan-Spy.Zbot [Ikarus]14
Mal/EncPk-HJ [Sophos]13
Mal/Zbot-Q [Sophos]13
Packed.Win32.Krap.ah [Kaspersky Lab]13
Trojan.Win32.Zbot [Ikarus]13
Trojan-PSW.Generic [PC Tools]13
Mal/Generic-A, Mal/EncPk-LE [Sophos]12
Trojan.Win32.VBKrypt [Ikarus]12
Win-Trojan/MalCrypted.Gen [AhnLab]12
Mal/Behav-043 [Sophos]11
Packed.Win32.Krap.ar [Kaspersky Lab]11
Trojan-Dropper.Win32.Wlord.gen [Kaspersky Lab]11
VirTool:Win32/VBInject.gen!CN [Microsoft]11
Backdoor.Trojan [PC Tools]10
Generic PWS.y!bxo [McAfee]10
Mal/EncPk-KH [Sophos]10
PWS-Zbot.gen.al [McAfee]10
Trojan.Win32.Scar [Ikarus]10
Trojan:Win32/Malagent [Microsoft]10
Trojan-Ransom [Ikarus]10
Trojan-Ransom.Win32.BlueScreen.gc [Kaspersky Lab]10
Win-Trojan/Buzus.73728.AB [AhnLab]10
Mal/EncPk-KD [Sophos]9
Mal/EncPk-KP [Sophos]9
Trojan-Downloader.Win32.Piker [Ikarus]9
Win-Trojan/Zbot.113152.B [AhnLab]9
FakeAlert-DA [McAfee]8
Generic PWS.y!byc [McAfee]8